I was once a proponent of cashless societies. Not anymore. Too many vulnerabilities, too many ways for governments to take control of your finances.
this post was submitted on 30 Oct 2024
625 points (98.6% liked)
Technology
59080 readers
4689 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Cashless can only work if you adopt a digital cash such as monero, other wise you are taking away privacy, control and possibly small transactions (depending on what fees are common in your country)
In a cashless society banks and credit companies become your rulers as you have no real way to bypass them.
I suspect that any country that tries to go cashless without a real cash alternative, will just find itself with a new form of cash (gold, silver, etc) since eventually there will be enough people trying to avoid fees and taxes
Cryptocurrency has basically many of the same problems as traditional banks, it’s just a matter of who is controlling it. Monero is slightly different from most, because it is much more anonymous, but it’s really only a matter of time before even that advantage is lost.
There is no substitute for physical currency if you want privacy and anonymity.
Do you know how Monero's advantage could potentially be lost?
From what I understand, which honestly, isn’t a lot - the method used to anonymize transactions and balances is more like obfuscation than anything else. The system uses various techniques to fuzz up the data in such a way that it becomes impossible to trace.
It’s a bit like if you wanted to send a bank transfer for £200 but anonymize it somewhat, you could transfer that money around between a bunch of other bank accounts, before sending it on to the final source. And if multiple people are doing the same thing, it becomes essentially impossible to determine where the money entered and left.
The problem is though that such systems aren’t true encryption in the same way that RSA is, for example - the data isn’t unreadable, and it’s not impossible to reverse, it’s just that there’s so much junk data and it’s such a mess that it makes the true transactions difficult to identify and the end user has extremely strong plausible deniability. However, it’s likely just a matter of time before some state actor finds a vulnerability in the technique that allows them to trace transactions - if they haven’t already done so.
load more comments
(5 replies)
If it isn't cash you have to ask permission from someone to use it
Most of us need permission just to get our hands on cash.
load more comments
(1 replies)
Not to mention total monetary surveillance
Hmm, I don't anticipate the government to have many issues with that part... But if they have access, then enemies of the state may also gain access, which is the real problem they care about here.
load more comments
(4 replies)
Yeah, considering how bad banks and other financial institutions are at IT security and the fact that there's no incentive for a capitalist financial institution to fix that problem, it's not a good idea.
That's not entirely true. In order to be allowed to keep processing transactions you have to adhere to strict rules which do get regularly audited. And then there's the whole "customers will switch to another more reliable party in case of outages or security problems". And trust me, I've seen first-hand that they do.
You have to put on a show that you are sticking to those processes, on paper. But the fines for data breaches are generally way less than they save on not having a fully funded IT department and using security products that someone got a kickback for rather than the best product.
"Hacking" isn't some magical, intensely creative process for geniuses loke on TV. For the most part, it's usually just finding the really common things that IT departments don't do because they are underfunded and treat IT people like replaceable cogs. There is software out there to exploit those deficiencies. So they are forced to do things like use default or obvious admin passwords because who knows who is going to be there tomorrow to fix something and without the proper tools to store credentials, there's no way to properly secure things.
And when a security vulnerability is found, there's a reason why many don't bother informing the company before going to the media. Those companies pour tons of money into lawyers to avoid admitting the fault, often getting the innocent person who found the problem arrested, and never fix the actual issue. Just ask any pro whitehat security researcher not hired by the company all the things they have to do to protect themselves from being sued or arrested for "hacking" when they notice a problem.
And government technical auditors are a rarity because the regulators are underfunded. So they might go through some small list of things during regular audits, but they don't know to check if a DBMS system that contains backups and is stored "in the cloud" is using a default password or other common hacking targets. Hackers don't go after the primary infrastructure most of the time. It's not necessary because there are so many sloppy processes or left over insecure projects that "the last guy" was working on or that got defunded before it was completed, but only the primary infrastructure gets audited usually because that's all there is time and money for.
As for going somewhere else, there often aren't other places to go and when there are they usually have the same problem because there's very little reason for any of them to compete with each other. Most industries have consolidated so much that there are only a handful of parent companies left so it's easy to collude just because their leaders are often all in the same room at conferences and such.
I think you're being too pessimistic about IT security, particularly in the Financial sector. A lot of the security rules and audits aren't even government-run, it's the sector regulating itself. And trust me, they are pretty thorough and quite nitpicky about stuff.
The cost of failing an audit also often isn't even a fine, it's direct exclusion from a payment scheme. Basically, do it right or don't do it at all. Given that that is a strict requirement for staying in business, most of these companies will have sufficiently invested in IT security.
Of course it's not airtight, no system really is. But particularly in the financial sector most companies really do have their IT security in order.
load more comments
(3 replies)
My derped eyes and pronked brain read cashless as moneyless. Comon, Nordic countries, you can do it.
They call that type of "no currency" economy bartering. It works well for peer to peer transactions. Not quite so well for larger ones.
In a post-scarcity society, you wouldn't need money.
We could actually achieve that too. We'd just need to solve food logistics hurdles, homelessness, useless subsidies, bigotry, corruption, greed. Totally doable in our lifetime. /s
homelessness
USSR solved it.
As much as I hate using cash, I understand that the credit card companies charge ridiculous fees to businesses and also that people with very low income don't always have access to digital forms of payment. Maybe Sweden does better with equipping their entire society with digital tools, but in the US I don't think we are ready for a fully digital payment society.
I don't like using cashless anything because I know part of the cost is my privacy. Having said that, convenience is a powerful draw and cash can be a pain, especially when you have to find a spot for small coins.
nobody should be including apple or google spy apps in their payment processing
load more comments
(3 replies)
load more comments
(4 replies)
there haven't been card fees for end users in Sweden for many years. handling cash is a lot more expensive since you need somewhere secure to keep change, you loose time at the till handling the money, and you need to pay for someone to come pick it up. the time gained from just having the customers pay with card means businesses gladly swallow the fees.
and yes, i'm always surprised when going abroad how much more analog everything is. the nordics and Baltic's are generally at about the same level (with Estonia way ahead), but the rest of the continent feels like it's 10 years behind. I was once asked if I really wanted to pay with card in a corner shop in Leipzig, since the card fee was €10.
not that i'm a fan of the digitalisation, it makes marginalised groups even more marginalised. i see my elderly relatives struggling with it often.
load more comments
(1 replies)
load more comments
(10 replies)
Something we can thank the Russians for and hackers everywhere.
Yup, good things can happen for bad reasons.
In America, you can't open a bank account without an address. That means that the homeless population can't open a bank account (not easily, anyway), and therefore can't get a debit card.
Cashless is a nice idea, but it is extremely prohibitive against the most vulnerable people (which, sadly, might be part of the point).
It's largely a non-issue in the Nordic countries as you basically have to voluntarily opt out of any government aid programs to be homeless, which understandably most don't. This goes for most, if not all, vulnerable groups; most of the help is decently robust, at least enough to keep you fed and in housing. So I don't think it's a very large portion of the consideration, almost everything is paid via mobile pay, checks (any, not just from working) are all done digitally as well.
Ah yes, socialist practices... look how evil it is... taking care of others.
load more comments
(1 replies)
Its still an issue for refugees and domestic abuse survivors
In Germany any EU resident has a right to a basic account, in case you're homeless you should have an address because you're in a shelter, if you insist on sleeping rough (or the municipality is just too fucked up, happens in places) you can give the address of a social work organisation (those are all over also doing debtor counselling and a lot of other stuff).
Only valid reason for a bank to refuse basic business is if you tried to defraud them. They don't have to give you a credit line, but they do have to accept your money, store it, and let you wire it (incl. POS payments etc).
Identity fraud is not an issue because they'll want to see a proper ID which, if you're legally in the country, you have.
It's less about paying, though, you can always pay with cash in Germany, it's about the welfare authorities not wanting to handle cash and cheques only if actually necessary.
load more comments
(4 replies)
load more comments
(5 replies)
The risk of the payment system getting shut down and people being unable to make payments for a while is real. And it is one good reason to be less reliant on digital payments.
But there is also the risk of bad actors, which could also be e.g. Russia, getting access to decades of payment history through a hack, if everything is digital. Having that data for every citizen of a country could enable efficient profiling of people in the country using big data analysis technologies.
The kind of thing you could find out with the transaction data is who are working in the military or security police, who is sympathetic to Russia and at the same time vulnerable to work with foreign governments, and potential blackmailing material relating to people in these or other groups. I'm sure the analysts working for the bad actor can come up with even more useful things to look for in the data.
There are of course a lot of other data sources that bad actors are interested in and that are easier to hack, but the financial history seems more comprehensive source of information than most other ones.
load more comments
(10 replies)
Though having cash is not enough. The stores also need to be able to accept cash without internet usage. I think we had a case in germany a few years ago, where some supermarkets could not sell anything, because the servers, to which the local payment system connected (also uses for cash) didn't work. Not sure, if that was because of a security incident.
I see cash businesses all the time that can operate without power or Internet. Festival / market vendors, food trucks, etc. It's not hard to count money, give change, write down a receipt if needed.
Really? I would imagine stores could keep paper notes to record transactions and recheck inventory once internet access is restored.
load more comments
(1 replies)
I'm more concerned with the threats from the people in charge of the system, but whatever gets them to the conclusion that it's a bad idea is fine with me.
Noone uses cash in Sweden, except for maybe drug dealers and super old people(and the occasional tourist). Most businesses dont even accept cash anymore.
It isnt just the convenience of not having to carry cash, it is also much safer. Much lower risk of getting robbed, for both individuals and businesses.
load more comments
(12 replies)
Sure, but if a cyber attack knocks out your credit card systems in a targeted attack, chances are they're taking your cash machines down as well.
And who carries enough cash around to be useful any more? I know I don't. I might have a £20 note tucked in my phone case at a push.
And who carries enough cash around to be useful any more?
I do. Maybe not physically in my pocket, but between my wallet and my home there's enough cash to buy a tank of gas and a few days of groceries.
Parts of the debit/credit processing system are fragile enough that I've seen them down randomly for signifigant portions of a day.
Cash has got me food when other people have been stuck without the ability to pay more than once in the last couple of years.
load more comments
(1 replies)
£20 should still get you a meal of some kind until the credit cards and cash machines are back, hopefully within a few hours or next day at the latest.
Can't really say I even have that much on me most of the time though - perhaps I should change that, keep a minimum of like €50 that's only touched in an emergency or something. Swedbank has had several outages in the last few months here in Estonia and it affects many stores' payment terminals too.
view more: next ›